Arakasi's Home Rig

Arakasi

Level 4
Thread author
Verified
Jul 12, 2014
195
Good day,
Having a swell time just goofing around, figured I would share my setup in the interest of ... well, sharing!
Questions and suggestions are always welcomed, but in the most respectable way I can put it, I have some experience under my belt. :) :rolleyes:
 

WinXPert

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Jan 9, 2013
1,457
UAC off, fishing for malware I guess.

Very nice setup indeed
 

Arakasi

For those that are hunting for that one reason to switch to encryption.
Try Deslock; it was the simplest encryption I ever had the pleasure of setting up for FDE (full disk encryption).
It can be standalone, or can be installed on an enterprise server and deployed to hundreds of workstations.
I also sell it officially now and it is a product that ESET picked for themselves. So you know it's good stuff.
 

Purshu_Pro

Level 29
Verified
Honorary Member
Aug 3, 2013
1,879
Primarily, enable your UAC; it builds the first layer of protection for modifying your files.
 

Arakasi

I agree with UAC completely.
I do so much work, application testing, and programming on this computer, I would shoot myself after an hour of having to respond to prompts.
The long-time experience ensures I am capable of running without it. (Habits and the like)
Thanks friends :)
 

Arakasi

While we're on the topic of UAC.
3 or 4 years ago there was a zero day that compromised UAC.
It exploited the Windows kernel and allowed elevation of privilege by way of impersonation (a programming tactic to impersonate the caller application at the service so that the service can access system resources on behalf of the caller).
Microsoft patched the vulnerability, but don't think it can't be attacked from a different vector, or from history we have found that patching isn't always foolproof. Usually patching is rather lazy and there is always room for re-opening what they have done.

Patching all vulnerabilities for a modern, complex software system (i.e., Windows, iOS) is often difficult due to the volume of bugs and response time requirements. Instead, software vendors usually devise quick workarounds to mitigate the exploitation of a given vulnerability. However, those patches are sometimes incomplete, and attackers can utilize different attack vectors to re-exploit a patched vulnerability.
-Blackhat Quote

Just sayin, if malware wanted to get through, it would ;). This is where the common sense needs to take over and you can't just have faith UAC is always going to do its job.
I am sure everyone here has heard this already, time and again. Be smart. Good habits etc.
 
Deleted member 178

You still have some "tools", but most UAC bypasses are via user interaction in one way or another.
 

Arakasi

I met some of them Metasploit guys last year at BH. ;)
I have used some of their stuff in Kali Distro while providing work for clients.
In fact, Rapid7 spams my mailbox every week haha
 